The recommended practice for deploying URL
filtering in your organization is to first start with a passive
URL filtering profile that will alert on most categories. After
setting the alert action, you can then monitor user web activity
for a few days to determine patterns in web traffic. After doing
so, you can then make decisions on the websites and website categories
that should be controlled.
In the procedure that follows,
threat‑prone sites will be set to block and the other categories
will be set to alert, which will cause all websites traffic to be
logged. This may potentially create a large amount of log files,
so it is best to do this for initial monitoring purposes to determine
the types of websites your users are accessing. After determining
the categories that your company approves of, those categories should
then be set to allow, which will not generate logs. You can also
reduce URL filtering logs by enabling the
option in the URL Filtering profile, so only
the main page that matches the category will be logged, not subsequent
pages/categories that may be loaded within the container page.
and rename it. For example, rename it to URL-Monitoring.
Configure the action for all categories to
except for threat‑prone categories, which should remain blocked.
To select all items in the category
list from a Windows system, click the first category, then hold
down the shift key and click the last category—this will select
all categories. Hold the control key (ctrl) down and click items
that should be deselected. On a Mac, do the same using the shift
and command keys. You could also just set all categories to alert
and manually change the recommended categories back to block.
In the section that lists all URL categories,
select all categories.
To the right of the
mouse over and select the down arrow and then select
To ensure that you block access to threat-prone sites,
select the following categories and then set the action to
Apply the URL Filtering profile to the security policy
rule(s) that allows web traffic for users.
and select the appropriate
security policy to modify it.
section, click the
and select the
Save the configuration.
View the URL filtering logs to determine all of the website
categories that your users are accessing. In this example, some
categories are set to block, so those categories will also appear
in the logs.